Surprise, suprise… The “Memogate” affair on the Senate Judiciary committee turns out to be what I predicted it to be last November.
Kevin Drum distills the technical findings of the 67 page report on the incident as follows:
The pilfered documents were accessible due to sloppiness on the part of the sysadmin.
It wasn’t just Democratic files. Every account created after August 2001 was wide open.
No one ever told the sysadmin about this problem.
The first time that Lundell showed some files to his Republican boss, she shredded the files and told him to knock it off. “This is not the way they do things here,” she said.
The reason every account created after August 2001 was wide open was because the network administrators did not know (or realize) that default directory permissions on Window NT Server are that the group Everyone has Full Control on files and directories. I’ve had to teach one semi technical friend that concept over and over again. If your NT administrator isn’t proficient in the use of XACLS, you could find yourself in the same situation as the Senate Judiciary Committee some day.
That’s just crazy. The sysadmin for the Senate didn’t know about default Everyone full access? That’s madness. It’s the most basic thing in Windows security.
I guess he got that question wrong on his MCSE exam.